Using Payment Gateways to Maintain Privacy in Secure Electronic Transactions

  title={Using Payment Gateways to Maintain Privacy in Secure Electronic Transactions},
  author={Alapan Arnab and A. C. M. Hutchison},
Because many current payment systems are poorly implemented, or of incompetence, private data of consumers such as payment details, addresses and their purchase history can be compromised. Furthermore, current payment systems do not offer any non-repudiable verification to a completed transaction, which poses risks to all the parties of the transaction — the consumer, the merchant and the financial institution. One solution to this problem was SET, but it was never really a success because of… 
Shopping for privacy: Purchase details leaked to PayPal
The application of Elliptic Curve Cryptography in Electronic Commerce
  • Xia Lin
  • Computer Science, Mathematics
    2012 IEEE Symposium on Electrical & Electronics Engineering (EEESYM)
  • 2012
This paper designs an application scheme of Elliptic Curve Cryptography in SET protocol, including key generation, digital signature and envelop algorithms, and presents a secure implementation model of SET transaction which ensures the validity, confidentiality, integrity and non-repudiation of transaction.
Assessing privacy criteria for drm using eu privacy legislation
The main aim of this paper is to examine privacy protection legislations within the EU and their implications for the deployment of Digital Rights Management (DRM) systems and presents seals for IT services and IT products that represent a way of standardizing privacy requirements for implementations.


The verification of an industrial payment protocol: the SET purchase phase
First verification results for the complete purchase phase of SET are reported, showing that the credit card details do remain confidential and customer, merchant and bank can confirm most details of a transaction even when some of those details are kept from them.
PayCash: a secure efficient Internet payment system
PayCash is an Internet payment system that was designed to offer strong security and privacy protection, extended to support a flexible anonymity policy so as to accommodate privacy and security laws that differ from nation to nation.
Authentication in e-commerce
A comprehensive framework for online authentication is presented which shows that there is a significant temporal aspect to the authentication problem over the lifetime of transactional relationships and can facilitate the development of new mechanisms and processes to better authenticate the parties, products, and processes involved in online transactions.
Vicarious infringement creates a privacy ceiling
It is argued that vicarious infringement liability in particular creates a privacy ceiling, a point beyond which there is no economic incentive to intrude on a user's privacy; and, indeed, there is an incentive to architect one's business so that such intrusions are difficult or impossible.
Network Security Essentials: Applications and Standards
This book is intended as a one-semester undergraduate course on network security for computer science, computer engineering, and electrical engineering majors, and serves as a basic reference volume and is suitable for self-study.
Trust and traceability in electronic commerce
This work explores two important elements of that infrastructure, trust and traceability, in the context of the evolving EC infrastructure, and looks at a number of trust enhancers, i.e., technology or other processes that can help increase the level of confidence that people have in electronic commerce.
Verifiable digital object identity system
The primary application for the proposed identity system for digital objects is in a DRM system, where it is necessary to correctly match users' use licenses to the digital objects covered by the use licenses.
Analysis of the SET e-commerce protocol using a true concurrency process algebra
A formal specification of the purchase phase in the SET protocol (Secure Electronic Transaction), an e-commerce protocol by Visa and MasterCard, is presented. It is modelled by means of a True
How DRM-based content delivery systems disrupt expectations of "personal use"
Technological and legal considerations are presented which may help current and future DRM system designers better accommodate consumers' expectations of personal use.
Strong authentication a hard sell for banks. ComputerWorld
  • URL: Last accessed:
  • 2004